Overview
overview
5
Static
static
1
xoxo/cloud...ass.js
windows7-x64
3
xoxo/cloud...ass.js
windows10-2004-x64
3
xoxo/cloud...d.html
windows7-x64
1
xoxo/cloud...d.html
windows10-2004-x64
1
xoxo/cloud...rce.js
windows7-x64
3
xoxo/cloud...rce.js
windows10-2004-x64
3
xoxo/cloud...(1).js
windows7-x64
3
xoxo/cloud...(1).js
windows10-2004-x64
3
xoxo/cloud...e.html
windows7-x64
1
xoxo/cloud...e.html
windows10-2004-x64
1
xoxo/cloud...3.html
windows7-x64
1
xoxo/cloud...3.html
windows10-2004-x64
1
xoxo/cloud...n.html
windows7-x64
1
xoxo/cloud...n.html
windows10-2004-x64
1
xoxo/cloud/main.html
windows7-x64
1
xoxo/cloud/main.html
windows10-2004-x64
1
xoxo/cloud...ass.js
windows7-x64
3
xoxo/cloud...ass.js
windows10-2004-x64
3
xoxo/cloud...n.html
windows7-x64
1
xoxo/cloud...n.html
windows10-2004-x64
5
xoxo/cloud...use.js
windows7-x64
3
xoxo/cloud...use.js
windows10-2004-x64
3
xoxo/cloud...use.js
windows7-x64
3
xoxo/cloud...use.js
windows10-2004-x64
3
xoxo/cloud...use.js
windows7-x64
3
xoxo/cloud...use.js
windows10-2004-x64
3
xoxo/cloud...use.js
windows7-x64
3
xoxo/cloud...use.js
windows10-2004-x64
3
xoxo/cloud...min.js
windows7-x64
3
xoxo/cloud...min.js
windows10-2004-x64
3
xoxo/cloud...min.js
windows7-x64
3
xoxo/cloud...min.js
windows10-2004-x64
3
Static task
static1
Behavioral task
behavioral1
Sample
xoxo/cloud/a2/geoplugin.class.js
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
xoxo/cloud/a2/geoplugin.class.js
Resource
win10v2004-20240419-en
Behavioral task
behavioral3
Sample
xoxo/cloud/a2/index_files/guid.html
Resource
win7-20240220-en
Behavioral task
behavioral4
Sample
xoxo/cloud/a2/index_files/guid.html
Resource
win10v2004-20240419-en
Behavioral task
behavioral5
Sample
xoxo/cloud/a2/index_files/saved_resource.js
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
xoxo/cloud/a2/index_files/saved_resource.js
Resource
win10v2004-20240419-en
Behavioral task
behavioral7
Sample
xoxo/cloud/a2/index_files/saved_resource(1).js
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
xoxo/cloud/a2/index_files/saved_resource(1).js
Resource
win10v2004-20240419-en
Behavioral task
behavioral9
Sample
xoxo/cloud/a2/index_files/saved_resource.html
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
xoxo/cloud/a2/index_files/saved_resource.html
Resource
win10v2004-20240419-en
Behavioral task
behavioral11
Sample
xoxo/cloud/a2/index_files/tcode3.html
Resource
win7-20240220-en
Behavioral task
behavioral12
Sample
xoxo/cloud/a2/index_files/tcode3.html
Resource
win10v2004-20240419-en
Behavioral task
behavioral13
Sample
xoxo/cloud/a2/main.html
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
xoxo/cloud/a2/main.html
Resource
win10v2004-20240426-en
Behavioral task
behavioral15
Sample
xoxo/cloud/main.html
Resource
win7-20240215-en
Behavioral task
behavioral16
Sample
xoxo/cloud/main.html
Resource
win10v2004-20240419-en
Behavioral task
behavioral17
Sample
xoxo/cloud/o1/geoplugin.class.js
Resource
win7-20240419-en
Behavioral task
behavioral18
Sample
xoxo/cloud/o1/geoplugin.class.js
Resource
win10v2004-20240426-en
Behavioral task
behavioral19
Sample
xoxo/cloud/o1/main.html
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
xoxo/cloud/o1/main.html
Resource
win10v2004-20240419-en
Behavioral task
behavioral21
Sample
xoxo/cloud/o1/main_files/boot.worldwide.0.mouse.js
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
xoxo/cloud/o1/main_files/boot.worldwide.0.mouse.js
Resource
win10v2004-20240419-en
Behavioral task
behavioral23
Sample
xoxo/cloud/o1/main_files/boot.worldwide.1.mouse.js
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
xoxo/cloud/o1/main_files/boot.worldwide.1.mouse.js
Resource
win10v2004-20240419-en
Behavioral task
behavioral25
Sample
xoxo/cloud/o1/main_files/boot.worldwide.2.mouse.js
Resource
win7-20240220-en
Behavioral task
behavioral26
Sample
xoxo/cloud/o1/main_files/boot.worldwide.2.mouse.js
Resource
win10v2004-20240419-en
Behavioral task
behavioral27
Sample
xoxo/cloud/o1/main_files/boot.worldwide.3.mouse.js
Resource
win7-20240215-en
Behavioral task
behavioral28
Sample
xoxo/cloud/o1/main_files/boot.worldwide.3.mouse.js
Resource
win10v2004-20240226-en
Behavioral task
behavioral29
Sample
xoxo/cloud/o1/main_files/convergedlogin_pcore.min.js
Resource
win7-20240419-en
Behavioral task
behavioral30
Sample
xoxo/cloud/o1/main_files/convergedlogin_pcore.min.js
Resource
win10v2004-20240419-en
Behavioral task
behavioral31
Sample
xoxo/cloud/o1/main_files/convergedloginpaginatedstrings-en.min.js
Resource
win7-20231129-en
Behavioral task
behavioral32
Sample
xoxo/cloud/o1/main_files/convergedloginpaginatedstrings-en.min.js
Resource
win10v2004-20240419-en
General
-
Target
0f56264e3414b713b157a1d19b4764bb_JaffaCakes118
-
Size
4.6MB
-
MD5
0f56264e3414b713b157a1d19b4764bb
-
SHA1
493208206175a29f929295d46806b2e7c9af0103
-
SHA256
1107fab9ef36e6a65c3353d545ba63d022f36b0b7dafc15f5f25d3ed44ef7d5f
-
SHA512
987199c39cac8b1c3752e09fa94ffebaf5f45042e68b5919a057f9d4c54752042283b74423c0bd395ff4bc63eac47500ab8ec3dcf4b9c48fe84ce7a07e9fb61f
-
SSDEEP
98304:eJ97nE05ldowmRIYE0UcdR1mo8ydN/wE0fddgwmpaOE0K0dpvmAkq:sdnPJowm/P1R1molwPHgwmHPNpvmG
Malware Config
Signatures
Files
-
0f56264e3414b713b157a1d19b4764bb_JaffaCakes118.zip
-
xoxo/cloud/.htaccess
-
xoxo/cloud/a2/.htaccess
-
xoxo/cloud/a2/ao33l.php
-
xoxo/cloud/a2/geoplugin.class.php.js
-
xoxo/cloud/a2/index.php
-
xoxo/cloud/a2/index_files/._logo.png
-
xoxo/cloud/a2/index_files/10-multiformat-ad.css
-
xoxo/cloud/a2/index_files/adchoices.png.png
-
xoxo/cloud/a2/index_files/circular_providers_sprite.png.png
-
xoxo/cloud/a2/index_files/guid.html.html .js polyglot
-
xoxo/cloud/a2/index_files/hdr_err.css
-
xoxo/cloud/a2/index_files/logo.png.png
-
xoxo/cloud/a2/index_files/lp-ui-logo-header.svg
-
xoxo/cloud/a2/index_files/lpUiStyles.css
-
xoxo/cloud/a2/index_files/onedrive.png.png
-
xoxo/cloud/a2/index_files/saved_resource.js
-
xoxo/cloud/a2/index_files/saved_resource(1).js
-
xoxo/cloud/a2/index_files/saved_resource.html.html .js polyglot
-
xoxo/cloud/a2/index_files/sns-grid.css
-
xoxo/cloud/a2/index_files/sns-login-screen.css
-
xoxo/cloud/a2/index_files/snslanding.css
-
xoxo/cloud/a2/index_files/tcode3.html.html .js polyglot
-
xoxo/cloud/a2/main.html.html .js polyglot
-
xoxo/cloud/a2/robot.txt
-
xoxo/cloud/bots.php
-
xoxo/cloud/css/style.css
-
xoxo/cloud/images/aol.png.png
-
xoxo/cloud/images/gmail.png.png
-
xoxo/cloud/images/landing-devices-bg.jpg.jpg
-
xoxo/cloud/images/mail.png.png
-
xoxo/cloud/images/office.png.png
-
xoxo/cloud/images/oneDrive.png.png
-
xoxo/cloud/images/outlook.png.png
-
xoxo/cloud/images/yahooMail.png.png
-
xoxo/cloud/index.php
-
xoxo/cloud/main.html.html
-
xoxo/cloud/o1/geoplugin.class.php.js
-
xoxo/cloud/o1/go.php
-
xoxo/cloud/o1/index.php
-
xoxo/cloud/o1/main.html.html .js polyglot
-
xoxo/cloud/o1/main_files/boot.worldwide.0.mouse.js.download.js
-
xoxo/cloud/o1/main_files/boot.worldwide.1.mouse.js.download.js
-
xoxo/cloud/o1/main_files/boot.worldwide.2.mouse.js.download.js
-
xoxo/cloud/o1/main_files/boot.worldwide.3.mouse.js.download.js
-
xoxo/cloud/o1/main_files/boot.worldwide.mouse.css
-
xoxo/cloud/o1/main_files/converged.login.min.css
-
xoxo/cloud/o1/main_files/convergedlogin_pcore.min.js.download.js
-
xoxo/cloud/o1/main_files/convergedloginpaginatedstrings-en.min.js.download.js
-
xoxo/cloud/o1/main_files/ellipsis_grey.svg
-
xoxo/cloud/o1/main_files/ellipsis_white.svg
-
xoxo/cloud/o1/main_files/microsoft_logo.svg
-
xoxo/cloud/o1/main_files/prefetch.html.html .js polyglot
-
xoxo/cloud/o1/main_files/sprite1.mouse.css
-
xoxo/cloud/o1/main_files/sprite1.mouse.png.png
-
xoxo/cloud/o1/robots.txt
-
xoxo/cloud/o4/geoplugin.class.php.js
-
xoxo/cloud/o4/go.php
-
xoxo/cloud/o4/index.php
-
xoxo/cloud/o4/main.html.html .js polyglot
-
xoxo/cloud/o4/main_files/boot.worldwide.0.mouse.js.download.js
-
xoxo/cloud/o4/main_files/boot.worldwide.1.mouse.js.download.js
-
xoxo/cloud/o4/main_files/boot.worldwide.2.mouse.js.download.js
-
xoxo/cloud/o4/main_files/boot.worldwide.3.mouse.js.download.js
-
xoxo/cloud/o4/main_files/boot.worldwide.mouse.css
-
xoxo/cloud/o4/main_files/converged.login.min.css
-
xoxo/cloud/o4/main_files/convergedlogin_pcore.min.js.download.js
-
xoxo/cloud/o4/main_files/convergedloginpaginatedstrings-en.min.js.download.js
-
xoxo/cloud/o4/main_files/ellipsis_grey.svg
-
xoxo/cloud/o4/main_files/ellipsis_white.svg
-
xoxo/cloud/o4/main_files/microsoft_logo.svg
-
xoxo/cloud/o4/main_files/prefetch.html.html .js polyglot
-
xoxo/cloud/o4/main_files/sprite1.mouse.css
-
xoxo/cloud/o4/main_files/sprite1.mouse.png.png
-
xoxo/cloud/o4/robots.txt
-
xoxo/cloud/o6/geoplugin.class.php.js
-
xoxo/cloud/o6/index.php
-
xoxo/cloud/o6/main.html.html .js polyglot
-
xoxo/cloud/o6/oneDrive.jpeg.jpg
-
xoxo/cloud/o6/otherother.php
-
xoxo/cloud/o6/robots.txt
-
xoxo/cloud/o6/style.css
-
xoxo/cloud/robots.txt
-
xoxo/cloud/y3/geoplugin.class.php.js
-
xoxo/cloud/y3/index.php
-
xoxo/cloud/y3/login_files/onedrive.png.png
-
xoxo/cloud/y3/login_files/yahoo_en-US_f_p_bestfit_2x.png.png
-
xoxo/cloud/y3/main.html.html
-
xoxo/cloud/y3/robots.txt
-
xoxo/cloud/y3/yah33oo.php
-
xoxo/xoxo/cloud/.htaccess
-
xoxo/xoxo/cloud/a2/.htaccess
-
xoxo/xoxo/cloud/a2/ao33l.php
-
xoxo/xoxo/cloud/a2/geoplugin.class.php.js
-
xoxo/xoxo/cloud/a2/index.php
-
xoxo/xoxo/cloud/a2/index_files/._logo.png
-
xoxo/xoxo/cloud/a2/index_files/10-multiformat-ad.css
-
xoxo/xoxo/cloud/a2/index_files/adchoices.png.png
-
xoxo/xoxo/cloud/a2/index_files/circular_providers_sprite.png.png
-
xoxo/xoxo/cloud/a2/index_files/guid.html.html .js polyglot
-
xoxo/xoxo/cloud/a2/index_files/hdr_err.css
-
xoxo/xoxo/cloud/a2/index_files/logo.png.png
-
xoxo/xoxo/cloud/a2/index_files/lp-ui-logo-header.svg
-
xoxo/xoxo/cloud/a2/index_files/lpUiStyles.css
-
xoxo/xoxo/cloud/a2/index_files/onedrive.png.png
-
xoxo/xoxo/cloud/a2/index_files/saved_resource.js
-
xoxo/xoxo/cloud/a2/index_files/saved_resource(1).js
-
xoxo/xoxo/cloud/a2/index_files/saved_resource.html.html .js polyglot
-
xoxo/xoxo/cloud/a2/index_files/sns-grid.css
-
xoxo/xoxo/cloud/a2/index_files/sns-login-screen.css
-
xoxo/xoxo/cloud/a2/index_files/snslanding.css
-
xoxo/xoxo/cloud/a2/index_files/tcode3.html.html .js polyglot
-
xoxo/xoxo/cloud/a2/main.html.html .js polyglot
-
xoxo/xoxo/cloud/a2/robot.txt
-
xoxo/xoxo/cloud/bots.php
-
xoxo/xoxo/cloud/css/style.css
-
xoxo/xoxo/cloud/images/aol.png.png
-
xoxo/xoxo/cloud/images/gmail.png.png
-
xoxo/xoxo/cloud/images/landing-devices-bg.jpg.jpg
-
xoxo/xoxo/cloud/images/mail.png.png
-
xoxo/xoxo/cloud/images/office.png.png
-
xoxo/xoxo/cloud/images/oneDrive.png.png
-
xoxo/xoxo/cloud/images/outlook.png.png
-
xoxo/xoxo/cloud/images/yahooMail.png.png
-
xoxo/xoxo/cloud/index.php
-
xoxo/xoxo/cloud/main.html.html
-
xoxo/xoxo/cloud/o1/geoplugin.class.php.js
-
xoxo/xoxo/cloud/o1/go.php
-
xoxo/xoxo/cloud/o1/index.php
-
xoxo/xoxo/cloud/o1/main.html.html .js polyglot
-
xoxo/xoxo/cloud/o1/main_files/boot.worldwide.0.mouse.js.download.js
-
xoxo/xoxo/cloud/o1/main_files/boot.worldwide.1.mouse.js.download.js
-
xoxo/xoxo/cloud/o1/main_files/boot.worldwide.2.mouse.js.download.js
-
xoxo/xoxo/cloud/o1/main_files/boot.worldwide.3.mouse.js.download.js
-
xoxo/xoxo/cloud/o1/main_files/boot.worldwide.mouse.css
-
xoxo/xoxo/cloud/o1/main_files/converged.login.min.css
-
xoxo/xoxo/cloud/o1/main_files/convergedlogin_pcore.min.js.download.js
-
xoxo/xoxo/cloud/o1/main_files/convergedloginpaginatedstrings-en.min.js.download.js
-
xoxo/xoxo/cloud/o1/main_files/ellipsis_grey.svg
-
xoxo/xoxo/cloud/o1/main_files/ellipsis_white.svg
-
xoxo/xoxo/cloud/o1/main_files/microsoft_logo.svg
-
xoxo/xoxo/cloud/o1/main_files/prefetch.html.html .js polyglot
-
xoxo/xoxo/cloud/o1/main_files/sprite1.mouse.css
-
xoxo/xoxo/cloud/o1/main_files/sprite1.mouse.png.png
-
xoxo/xoxo/cloud/o1/robots.txt
-
xoxo/xoxo/cloud/o4/geoplugin.class.php.js
-
xoxo/xoxo/cloud/o4/go.php
-
xoxo/xoxo/cloud/o4/index.php
-
xoxo/xoxo/cloud/o4/main.html.html .js polyglot
-
xoxo/xoxo/cloud/o4/main_files/boot.worldwide.0.mouse.js.download.js
-
xoxo/xoxo/cloud/o4/main_files/boot.worldwide.1.mouse.js.download.js
-
xoxo/xoxo/cloud/o4/main_files/boot.worldwide.2.mouse.js.download.js
-
xoxo/xoxo/cloud/o4/main_files/boot.worldwide.3.mouse.js.download.js
-
xoxo/xoxo/cloud/o4/main_files/boot.worldwide.mouse.css
-
xoxo/xoxo/cloud/o4/main_files/converged.login.min.css
-
xoxo/xoxo/cloud/o4/main_files/convergedlogin_pcore.min.js.download.js
-
xoxo/xoxo/cloud/o4/main_files/convergedloginpaginatedstrings-en.min.js.download.js
-
xoxo/xoxo/cloud/o4/main_files/ellipsis_grey.svg
-
xoxo/xoxo/cloud/o4/main_files/ellipsis_white.svg
-
xoxo/xoxo/cloud/o4/main_files/microsoft_logo.svg
-
xoxo/xoxo/cloud/o4/main_files/prefetch.html.html .js polyglot
-
xoxo/xoxo/cloud/o4/main_files/sprite1.mouse.css
-
xoxo/xoxo/cloud/o4/main_files/sprite1.mouse.png.png
-
xoxo/xoxo/cloud/o4/robots.txt
-
xoxo/xoxo/cloud/o6/geoplugin.class.php.js
-
xoxo/xoxo/cloud/o6/index.php
-
xoxo/xoxo/cloud/o6/main.html.html .js polyglot
-
xoxo/xoxo/cloud/o6/oneDrive.jpeg.jpg
-
xoxo/xoxo/cloud/o6/otherother.php
-
xoxo/xoxo/cloud/o6/robots.txt
-
xoxo/xoxo/cloud/o6/style.css
-
xoxo/xoxo/cloud/robots.txt
-
xoxo/xoxo/cloud/y3/geoplugin.class.php.js
-
xoxo/xoxo/cloud/y3/index.php
-
xoxo/xoxo/cloud/y3/login_files/onedrive.png.png
-
xoxo/xoxo/cloud/y3/login_files/yahoo_en-US_f_p_bestfit_2x.png.png
-
xoxo/xoxo/cloud/y3/main.html.html
-
xoxo/xoxo/cloud/y3/robots.txt
-
xoxo/xoxo/cloud/y3/yah33oo.php